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.REMARKS 

01-^1 idr> amendment iccen'ed t>> the Oltsce on Dei^enibei ?1 20o4 A. »,op\ J 
p\c\i mmry amendment is provided herewith for the Exammef\ convecierxe 

Ht<-iPxs Fe^dh^g Claims 

l - iauns I - bii were examined, and aU were rejected. 

L.iai.rns i • ^.j aio oO - o6 reniam pCDdjng. 

Claims 1 26, 3 "i, 43, 44, 52, and 60 are amended to recite presenting access bv .caiotc 
debates ta cryptographic keys used by tlie key server to peifomi c-j'ptogiaphjc operatjohj. 
bupoort IS found at least at p. 7, 11. 3 - 23 of the appireatton. 

Claims 8 and 9 are aitsended to eorreet mmor mforrtialities, 

No new matter has been added to the application oy tliese amendineets. 

i he Exa^nncr has taker the poj»Uioti tlial ApplicaiUs argument presented on pa^e^ (- 
2(' v>^*he ^csponjje lo tiic previous Office actson ''tnamly armies diat the pr.oi art of recosc dfies 
.not exphcitiy disclose at jeast one unique identifier for idennfymg at least one key foi 
pe' loaning transfomiatsor " 4pfp1icaatb respectfiiny point out that although Applicantt, did 
-v ikf i ■argi^ruMt it di.zo . itco for >riy rbou: on*, tcr^h of the ipace demoted to argtmiems 
■'I entcd ag-:^ n«t :^ e cUnA rejeciu) .s Corsequeutlv, a!>plica.its understand that the Fxamuier'» 
itHk of Lonu u ( - it «>ijc. X'> 'be .eriaai ng arguments medicate * iproval of tho c 
, 1 L'its iK avL („t \\\*h K^b.i be Lw a \d MP! P "0" "<> 

1^ iMr»'r*tiiii.c oi ansv^erng a|.phcxJntS aigoirerts is dia isatcvl '^v In ''C 
Jo31^. 2-^. \r2d m USPQ !a2 (CCPA 1958) wher.. the apphwnt 
u'L^ u > ''t tno s 5bxct mattei c'aimed piodiiced new and useful lejjultb Ihe coun 
^t od rb^t si ice appl'ca': nie.i^ oi aC\cintagts was not questioned b> the 

Cxt 1 1" ujf>"J(4d ^[o^, ^ ^ ^ nstid ned tij accept the .^tatcmcrr at 
Uk- vvU e ana iiere'OiC ^vurn cenam L^d'ms lo alKmab.c See also In ic 
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Soni, 54 F.3d 746, 75L 34 USPQ2d 1684, 1688 (Fed. Cir, 1995) (Office iailcd 
to rebut applicant's argumcm}. 

[ t^o^ ni/v^a u In c lairis lo w hsch Applu ants' linan^w ered argt ments pertain Allematix eh 
Applicants rc!»pect&liy maintain all of the unanswered aigiimenls piesented in the response to 
the pie% lous OfBce action by reference to that response as if those argiiriems cro agan im\y sci 
\onb berem and respectfully request a response those argiiment">, so ApD'^c,^n'<^ od ^ onsidc 
<iil dtsci^asv ta-^vfs I \ n..sehtcc' fo5 nitammg t;io e.c \s 

\] r^o\e'r liL r\>?'T dn^Us tnat d e pr'OJ ait do^ii T\ot e\ ^ i i i i lu i n >t 
d' e Kh*-! v.r\p Ob. api>o \e\s/ IxU t.on*c->d tit. p s i i.lot>e i et,o jat i ki.\b 

to be usco to c&taDhsh secur*. communication ""md also -^or datji crcrypt-,oi\" cnag Bci-on, 
1 0 40 ~ 57 for support That explanatiofi appears m recognize the dif ferenc^es dtsc1os»ed in the 
specification and m Berson between 1) eutablishing keys for secure com Tit!nicat.on, am 2) 
^ s hl'N upg diflerem keys for encryption operations IIo\\ever, it also s ig|ests tliat tiie rcict-iiu'i 
N sv r mtorrec. ntcrpretations ofbotli the teachmgsofBerson and the teachings of the 
cuircriV speciiieation. 

The t ted "ocatJO" m Bv.'son t^s(,.oses t ^ . lii^r k,.^ sc-.! ^ -i hvv< <. ! < 
and er Tnat ie> xS u&ed to secaie conin^iaitco'tons bets^eei^ the ^,hcAl and ocn er, Sv cb \ v 
tstabhshing a scci ro tun.id (Berson, 10 44 - 46) 'nier<-dfter, encj yptec mfornitinon (s rci.ei\ od 
at the server ^rom the client (id , 46 ~~ 48) "A second ke> also can be sent to t le serv er {ro.n t'le 
diinx " u£t 4'^ - 50) That second key is for the ser\er to nse ni encrvp*ion oncratioi s di s-^/.j. r 
ton- tht cpc "^-'o ! > -^f ' "i.ed Mect.Lr wit i '*^e ' ecu e t> ? ne C> k i ^ o s [ ^ i c 
cr^ptk^g d . o,)c dtio^l I rs ^een pcjto n ed, t u i'^^ ^^^^ t * le ci ntot>iapi . m - ^ 
sc'U ^ "^i^t^.cn fu pxi t^e \e "id '^O-'^O Thus a socu c vur'^!^ i bi (. v.^^^ 5 k 

V- 0' %'adt \e stivei Ihereatter, he client senas to the sei\ ci datathat '■CGUircsav.'-',p\t, apl v 
Ov^eial'on and tlie ke> needed to perfoi-m the operation, to offload the piccchsing burdi^n 
associated \% »th the ope:ation from the client to the server The server retuns to the cheut f-ic 
operated-Oil data. 

pi>n'ded to *re Lr\r?lograp£iiv. setvict engine bva secu'^e kcv pro\Kkr f( f t i.., e e u 



F«tiV130i74,l 



17 



Apptji.No. i()/5j.9.239 

Reply to nsiai office action smiled May 5, 2010 



PATENT 



cryptographic operations on data provided by the clientj while prtn eatis-g :5ccess to those keys by 
tho client. Bcrson does not disclose, suggest, or render obvious prevents ng access to 
cryptographic keys by a client 

Request for recoitv^ideratioa of the fljtality of the refectloH of the last Office action 

In view of the remarks presented above, the Examiner is respectSilly requested to 
reconsider the finality of the rejection of the last Offio; action, and address the unanswerai 
arguincnts presented in response to tliat action. Applicants should be afforded the opportunity to 
consider &e value of any allowable subject matter identified, and to consider md adda^ss any 
reasons that may be presented for maintaiBing the; rejections. 

Cimm Reketi&ms -M m€:MS2 

Claims 1 -- 24 stand rejected under 35 U.S.C. § lf32fbj as allegedly anticipated by Berson 
et al, (U.S. patent 7,051 4^9). The rejection is traversed with regard to ihe claim?^ as cmrenily 
presented. 

The claims are directed to a network attached encjyi^tion ser^'er *or prcvkhng 
ci^'ptographic services to remotely hosteci <^np' v onoryption server can thereby 

offload the associated cryptograpMc processing buidci) irom the remote hosts running the 
spohcations. The server can also provide such services for a plurality of svich remote hosts, as 
well as centralized management of the encryption services provided by the encryption sewer. 
Moreover, the encryption server has seciure access to tise cn-ptographic ke>s used to perform 
-,"^p;^-'-iipM^ opofations v hcreas tie :cniote h.osts aie p*c\ ented from accessing those 
05 v;:^t{>g.at>b.o k.ev\ . ,\ ,xanipV^ tie crsp:oi\aphsc ke>s can be stored in a hardware secunty 
''^t>Ju'e {'^JS.\t;. ai\ ^ , \ \M Sc^ c oiicd and further secured, such as - . ^ r ^l\e 
ise (>r,. t u: of >i ^v.a-^ cards to access iit- keys (p, 11. 7 - 22). Aoi;ijidvngl>. £,n i'\sec. re 
condition on a host, such as a security breach by a malicious hacker or a disgruntled €-mplo>ce, 
cannot compromise the security of the keys. 

In contrast, Berson teaches a s>stem including a cryptographic server providmf 
or\'ptaL,rap.ut se? s icts U> oldens, ir smirch iie clients '■hc.r^clses pjuvidt; ;Le Kcv^ lo be used in 
cr^ptograpjiic operations. In Berson, "a first key is estabhshed, and a tuai.c i^ ^iCkci ated on the 
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ncis\ork [between the unM md the serv ej] Thereaftei, 'n%mator is rtjcc vc ' s 

Uup' tau ^.1 i ' uti 5/ na the ^uni'^' Sith ntoiinnson is cjivi-vpttd b^ he c^'i. t i <. 

ke\ ' Be i ^ ^ I . 1 ] ^ I * 'ion t! t r to t s c j > M . t it i 

mcladui^ kv-ss n e^sagcs a.ud c pncrtext (id , ^ 15 - 1 ) b\ otliCi woids ui 3u\ ? U > i s^d 

bv the server to perform oryplographic operaaons are pro\idedb> the cl ent or the server, and 

the chent is not prevented fron acce!>smg tho&e keys Although Berson bnefl> Jit>clobes 

embodiment in whici it is* not clesr where the keys used for crj'ptog^ap'iic ofcration-. vomc 

p\<>.evc^ (J >. ^artl" dt ir he ' p>e!ened en K)U n er 1 1-" lu ^'o^' t K s 

e p H n <.^it;ir fui 2 - 4~l Mo co\ ci, loxs 1 cjv dx^ts Bt;i->o d sv o ^. oi je i o ^Is 
sus;eest tha* dienta aie prevented irom accessing the ke>is Ui>ed by t^e mniosen ei to nei toin 
cryptographic operations. Even m the embodiment in whtch the cr>pto&ei-vei already kaowi, the 
chant's* private key, it is mpliedthat the eryptoserver first obtained the client's prnato key troui 
tiic t ''cm and stoied it for 'ater i{sc {id 12 6-8) 

^ecutc k.e\ picxsdei D.OMG ng '^v.cv.s<- b, <, l ^ ^ ^ t ^<,r^ it s i, t v sp jp i-.e 
andprv,\enting avi-tr-^s ei lote ae\ icvs to accrvpo^ * j kcvs k t, i c u it ^,5 /pwOg^apiia 
i>crvice reciests cc^mpnse ai^ identifier foi id<,nntying the cryptograph c ke\ tv^ i se loi 
^rsptographic oocmtions, data to be operated on and mshuctions fot how the cryptogmphn. 
sen (,0 engine should operate on the data Berson doei not dist lose or suggest i*\osc i^at ir\.<i 
I heietore, 3cison does not articipate claim 1 , and the section 102 rejecnon of claim 1 t<*nnot 

j-,v«iied Cl ns'^- ucpcna iro t l u 1 rxl coTUaui iH of Jts feamres A,ccoiainglv, 
\vif!">uf icjuuvCtotie ownman vlua' no u o^t, Ja'f^s .-e ^Mow^tble ^oj at Last t^v s'^me 
reasons clasm i is allowabse. 

n adJit'on r^.gaidin|, c a^r 2i. <"he Lxammer lquW Bor op U 67 oi-^ Jv>^sl.s 
c'a nivxi clenenti. including a hardware secunty module bi direaionall> co ipled to a dd«ababc 
and sauable for stonng private keys and a miMt card mteriace dc\ ice liowe\ t-t , Berson dO;.s 
not diiclo^iC those %atares, Ai the cited location oi elsev, heie 1 he oris featui ^ c aimed m dmn 
2] that could bvM 1 ^ '^t-utuo ad cn tba* ^^ort o i ol Fei so t ^ > jt 

crvp*ographiv. ^^^l (.nto v'^^v bi iineLiior^ally coiiplea to sam databi s ' Be^ i^e ^^ot.s 
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K I di-do^f' £-J ot the featuie;* of claim 21, the rejection of claim 21 is not supported, and chna 
d! \i -"'^ o i>at reason as \i ell v. "diin^ 22 24 deoon<i rt^nicf 1^21 I -^-^(^ a^! \\ \ 
lor at least ine same reasons, 

^rf^euonfieiemarkijpiebentcdabcae ict.ons^deia^oh<*.d th^iu^^ of c ^v^cii 2 
rsjectjoa ot elaims 1 - 24 are respectfully requested. 

aaim Refections - 35 USC01O3 

C f s 2 -^c d r-^ cctiiJ ^ idi 35 1 SC ^ lOnb) ailcgedh l?eiigui\patv;iit<*:)k 
vvcj ' soi L^i ^ -"^ Ti-c. tkd, ntoun^Mlieieieaion fib to tbo->e claims The 
rcKi-t veis^ov>il Lg^sitotK enaxiing ciamis as. currently pisjscnted 

RcgaidiPg t am the Examiner admits Berson doeb not disclose appl>ing tli*. secret 
shanng scheme claimed, but contends it would ha\e been obvious to add that feature to Beison, 
« e , usmg "k-out of n" smart cardj, inserted mlo the cryptographic key su\ ei I lowcs er, the 
! ^ nerN rfttion for extendmg Beaon ih to use such a scheme *\vheTi multiple cl ci ts 
AncT\ \-\ Jth ^ scv ir t v ^ej ^ e? w J '^u^ ^sts *hat ti e hxaai n^'^ doe^^ li. b\ a imvwre now 
sut,ha schcire \>orU bcv-it's t >i s o ; > (k ^ sm > -nrg na t cl v.i"-- bat at ui 
\^ A Dro^ ding greater f lO^^^tHM .or tue i.' i f 'he t>dn i-'d - ^v^u J b*. 

used even if only one cLen* \\ e.e present Acto'-drngu , thv jationale sajgesiea o} tn^. T > as >s ej 
for extending Ber&on is inapposite, and the rejection of claim 25 should be vviti-'dravv'n 

Re^^ardmg claims 26 66, the Examiner contcpds the\ eneompasis the sa'ne ot- sirti^r 
st.opc as », la'ms 1 2\ and arc rejected based on the same reasons set tortli m the r<,jcctu>ns of 
c»aim^ 1 "'^ App'K?^ s rcsnettf'. \ d.saiTet dnd 'iLttc that 4 s. ^a^tscn^^o ianns 26 ~ 66 
vOmpiiSL kauircs o* \^vina chiTb, - 25 nor ^re uiv> d sc v^ei. su v. o f cf^'i 
.b-^j 5's soh t'or ext^'^pie, c'aiaUb 65 t^^^ depend lo i ii 

Tvundi' <...iUTt ' or its othei aepcndcnts, lorm Beison Faitherno B^^^ i <,ki,-^iK ]a kl 
.e^st t . nnied features pertaining to an appUcatton's use ot a ci>ptogiapi ic A.ri (<,lam-s 2'? ^2, 
42), Ta\ a Cryptographic Extensions (ciam 29), a Cryptographic Sen ice Provider aiui x API 
' iiole'^ie itcd as a DLLs * clairr 30), an AP. exposed v sa MS C \P1 (clai 3 i ) esta'ihshint, a set 

s\ t ro 0 ^7Ut^seiv ^^.s o\ cr a network (cla'tri> >^ 40; t aci^ req je^ u 
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cr>pl;ograph}C services (claim 41), storng sensit \e data oniv m tntivrred * -i, <i .1 + 
<■ o'^*^roj!Tng access to keys storea in a cr>p*ograpiuc ^cv ^cr cM^ a p s ^ ^i'ii ^.i 'to; m,*. 
p-> 0 ^ L cQmpnis,m§.&hArdv>Aie -^^un \ si 1,1 ne (.e ^olaim ^1) and 

Ik ^ictptsng and encryptiBg data en route to an c^dp'k ation bcr\ cm Cxas 1 1 ^ } 

As noted above, mdepcsKdait elajiiis 27, 32, 33, 42, 48, 5L aiid 53 comprise fealureb that 
arc not disclosed, suggested, 01 rendered obvious by Ben>on Therefore the section 103 rejcctum 
of those ciaims and their dqjendents is not supported, and should be 'v^ itbdi awn h addition, 
muepcndent claims 26, 4^^ -4 52, ^4 ?^-,d ( 0 ^>ave been intended <o s k lui - 5 1 c\ so e; t --at 
<^'o\emb access to •^^oxca cr>ptog Jirb ^ - j '^.TfHXv s.^t. As 10 f ^ \ > 1 

1 bcrt-tore, the section 1\'5 rejection ot tf^ose clainii and txie,r deoe.^deiit- is atso "iv . -,apporiv.J 
and should be withdrawn. 

Based on the remarks presented above, reconsideration and withdrawal of the section 1{>3 
reiectma of clairns 25 - 53 and60-66 are respect&Jly requested. 
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Conclusmn 

No othei matter- leman Ii Mew o^'ix ^oregomg ant. dne * arc ma"- A ^ 
ss-> at 1 sub ! i !v ''o < n or>l'caUon, m>.iudn^C!ain-is i - ^ ! 

LvM t !^ vfi ^ t>,j. I h\ -lit red 03 hjs associate Michdoi BeuTian. Ii>>^ 

Voft-i 16'4 jf lhat would expedite proseciiEioa. 

Re&pcctfiilly submuted, 
THOMAS I 01 ^ \l\ ^ud 
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